TheAnachronism/docspell
1
0
Fork 0
mirror of https://github.com/TheAnachronism/docspell.git synced 2025-06-22 10:28:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove fulltext recreate-key config value

Browse Source 
It's now in the admin routes, protected by the
`admin-endpoint.secret`.
This commit is contained in:
Eike Kettner
2021-01-04 15:16:32 +01:00
parent 306f064ad9
commit 2a172ce720
6 changed files with 77 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
website/site/content/docs/api/intro.md
View File

@ -16,11 +16,14 @@ workflow.
The "raw" `openapi.yml` specification file can be found
[here](/openapi/docspell-openapi.yml).
The routes can be divided into protected and unprotected routes. The
unprotected, or open routes are at `/open/*` while the protected
routes are at `/sec/*`. Open routes don't require authenticated access
and can be used by any user. The protected routes require an
authenticated user.
The routes can be divided into protected, unprotected routes and admin
routes. The unprotected, or open routes are at `/open/*` while the
protected routes are at `/sec/*` and admin routes are at `/admin/*`.
Open routes don't require authenticated access and can be used by any
user. The protected routes require an authenticated user. The admin
routes require a special http header with a value from the config
file. They are disabled by default, you need to specify a secret in
order to enable admin routes.
## Authentication
@ -38,6 +41,26 @@ a "normal" http header. If a cookie header is used, the cookie name
must be `docspell_auth` and a custom header must be named
`X-Docspell-Auth`.
## Admin
There are some endpoints available for adminstration tasks, for
example re-creating the complete fulltext index or resetting a
password. These endpoints are not available to normal users, but to
admins only. Docspell has no special admin users, it simply uses a
secret defined in the configuration file. The person who installs
docspell is the admin and knows this secret (and may share it) and
requests must provide it as a http header `Docspell-Admin-Secret`.
Example: re-create the fulltext index (over all collectives):
``` bash
$ curl -XPOST -H "Docspell-Admin-Secret: test123" http://localhost:7880/api/v1/admin/fts/reIndexAll
```
To enable these endpoints, you must provide a secret in the
[configuration](@/docs/configure/_index.md#admin-endpoint).
## Live Api
Besides the statically generated documentation at this site, the rest